Subject: Re: [PATCH 10/13] nptl: Move changing of stack permissions into ld.so
To: Florian Weimer, libc-alpha@sourceware.org
From: Carlos O'Donell
Organization: Red Hat
Date: Sun, 9 May 2021 17:42:04 -0400

On 5/6/21 2:11 PM, Florian Weimer via Libc-alpha wrote:
> All the stack lists are now in _rtld_global, so it is possible
> to change stack permissions directly from there, instead of
> calling into libpthread to do the change.

LGTM.

Tested on x86_64 and i686 without regression.

Tested-by: Carlos O'Donell
Reviewed-by: Carlos O'Donell

> --- > elf/dl-load.c | 4 ++ > elf/dl-support.c | 10 ++-- > elf/rtld.c | 2 + > nptl/allocatestack.c | 63 +-------------------- > nptl/nptl-init.c | 4 -- > nptl/pthreadP.h | 7 ++- > sysdeps/generic/ldsodefs.h | 11 +++- > sysdeps/unix/sysv/linux/Versions | 6 ++ > sysdeps/unix/sysv/linux/dl-execstack.c | 76 +++++++++++++++++++++++--- > 9 files changed, 100 insertions(+), 83 deletions(-) > > diff --git a/elf/dl-load.c b/elf/dl-load.c > index 2832ab3540..918ec7546c 100644 > --- a/elf/dl-load.c > +++ b/elf/dl-load.c
> @@ -1368,7 +1368,11 @@ _dl_map_object_from_fd (const char *name, const char *origname, int fd, > check_consistency (); > #endif > > +#if PTHREAD_IN_LIBC > + errval = _dl_make_stacks_executable (stack_endp); > +#else > errval = (*GL(dl_make_stack_executable_hook)) (stack_endp); > +#endif > if (errval) > { > errstring = N_("\ > diff --git a/elf/dl-support.c b/elf/dl-support.c > index 580b0202ad..dfc9ab760e 100644 > --- a/elf/dl-support.c > +++ b/elf/dl-support.c > @@ -183,12 +183,6 @@ uint64_t _dl_hwcap_mask __attribute__ ((nocommon)); > * executable but this isn't true for all platforms. */ > ElfW(Word) _dl_stack_flags = DEFAULT_STACK_PERMS; > > -/* If loading a shared object requires that we make the stack executable > - when it was not, we do it by calling this function. > - It returns an errno code or zero on success. */ > -int (*_dl_make_stack_executable_hook) (void **) = _dl_make_stack_executable; > - > - > #if THREAD_GSCOPE_IN_TCB > list_t _dl_stack_used; > list_t _dl_stack_user; > @@ -197,6 +191,10 @@ size_t _dl_stack_cache_actsize; > uintptr_t _dl_in_flight_stack; > int _dl_stack_cache_lock; > #else > +/* If loading a shared object requires that we make the stack executable > + when it was not, we do it by calling this function. > + It returns an errno code or zero on success. */ > +int (*_dl_make_stack_executable_hook) (void **) = _dl_make_stack_executable; > int _dl_thread_gscope_count; > void (*_dl_init_static_tls) (struct link_map *) = &_dl_nothread_init_static_tls; > #endif > diff --git a/elf/rtld.c b/elf/rtld.c > index 1255d5cc7d..fbbd60b446 100644 > --- a/elf/rtld.c > +++ b/elf/rtld.c 
> @@ -1125,9 +1125,11 @@ dl_main (const ElfW(Phdr) *phdr, > > __tls_pre_init_tp (); > > +#if !PTHREAD_IN_LIBC > /* The explicit initialization here is cheaper than processing the reloc > in the _rtld_local definition's initializer. */ > GL(dl_make_stack_executable_hook) = &_dl_make_stack_executable; > +#endif > > /* Process the environment variable which control the behaviour. */ > process_envvars (&state); > diff --git a/nptl/allocatestack.c b/nptl/allocatestack.c > index 46089163f4..12cd1058d4 100644 > --- a/nptl/allocatestack.c > +++ b/nptl/allocatestack.c > @@ -291,31 +291,6 @@ queue_stack (struct pthread *stack) > free_stacks (stack_cache_maxsize); > } > > - > -static int > -change_stack_perm (struct pthread *pd) > -{ > -#ifdef NEED_SEPARATE_REGISTER_STACK > - size_t pagemask = __getpagesize () - 1; > - void *stack = (pd->stackblock > - + (((((pd->stackblock_size - pd->guardsize) / 2) > - & pagemask) + pd->guardsize) & pagemask)); > - size_t len = pd->stackblock + pd->stackblock_size - stack; > -#elif _STACK_GROWS_DOWN > - void *stack = pd->stackblock + pd->guardsize; > - size_t len = pd->stackblock_size - pd->guardsize; > -#elif _STACK_GROWS_UP > - void *stack = pd->stackblock; > - size_t len = (uintptr_t) pd - pd->guardsize - (uintptr_t) pd->stackblock; > -#else > -# error "Define either _STACK_GROWS_DOWN or _STACK_GROWS_UP" > -#endif > - if (__mprotect (stack, len, PROT_READ | PROT_WRITE | PROT_EXEC) != 0) > - return errno; > - > - return 0; > -} > - > /* Return the guard page position on allocated stack. */ > static inline char * > __attribute ((always_inline)) > @@ -625,7 +600,7 @@ allocate_stack (const struct pthread_attr *attr, struct pthread **pdp, > if (__builtin_expect ((GL(dl_stack_flags) & PF_X) != 0 > && (prot & PROT_EXEC) == 0, 0)) > { > - int err = change_stack_perm (pd); > + int err = __nptl_change_stack_perm (pd); > if (err != 0) > { > /* Free the stack memory we just allocated. */ 
> @@ -780,42 +755,6 @@ __deallocate_stack (struct pthread *pd) > lll_unlock (GL (dl_stack_cache_lock), LLL_PRIVATE); > } > > - > -int > -__make_stacks_executable (void **stack_endp) > -{ > - /* First the main thread's stack. */ > - int err = _dl_make_stack_executable (stack_endp); > - if (err != 0) > - return err; > - > - lll_lock (GL (dl_stack_cache_lock), LLL_PRIVATE); > - > - list_t *runp; > - list_for_each (runp, &GL (dl_stack_used)) > - { > - err = change_stack_perm (list_entry (runp, struct pthread, list)); > - if (err != 0) > - break; > - } > - > - /* Also change the permission for the currently unused stacks. This > - might be wasted time but better spend it here than adding a check > - in the fast path. */ > - if (err == 0) > - list_for_each (runp, &GL (dl_stack_cache)) > - { > - err = change_stack_perm (list_entry (runp, struct pthread, list)); > - if (err != 0) > - break; > - } > - > - lll_unlock (GL (dl_stack_cache_lock), LLL_PRIVATE); > - > - return err; > -} > - > - > /* In case of a fork() call the memory allocation in the child will be > the same but only one thread is running. All stacks except that of > the one running thread are not used anymore. We have to recycle > diff --git a/nptl/nptl-init.c b/nptl/nptl-init.c > index 2fb1117f3e..4c89e7a792 100644 > --- a/nptl/nptl-init.c > +++ b/nptl/nptl-init.c > @@ -173,10 +173,6 @@ __pthread_initialize_minimal_internal (void) > __default_pthread_attr.internal.guardsize = GLRO (dl_pagesize); > lll_unlock (__default_pthread_attr_lock, LLL_PRIVATE); > > -#ifdef SHARED > - GL(dl_make_stack_executable_hook) = &__make_stacks_executable; > -#endif > - > /* Register the fork generation counter with the libc. */ > __libc_pthread_init (__reclaim_stacks); > } > diff --git a/nptl/pthreadP.h b/nptl/pthreadP.h > index 8ab247f977..3a6b436400 100644 > --- a/nptl/pthreadP.h > +++ b/nptl/pthreadP.h 
> @@ -335,8 +335,11 @@ extern void __deallocate_stack (struct pthread *pd) attribute_hidden; > function also re-initializes the lock for the stack cache. */ > extern void __reclaim_stacks (void) attribute_hidden; > > -/* Make all threads's stacks executable. */ > -extern int __make_stacks_executable (void **stack_endp) attribute_hidden; > +/* Change the permissions of a thread stack. Called from > + _dl_make_stacks_executable and pthread_create. */ > +int > +__nptl_change_stack_perm (struct pthread *pd); > +rtld_hidden_proto (__nptl_change_stack_perm) > > /* longjmp handling. */ > extern void __pthread_cleanup_upto (__jmp_buf target, char *targetframe); > diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h > index 81cce2e4d5..8426b5cbd8 100644 > --- a/sysdeps/generic/ldsodefs.h > +++ b/sysdeps/generic/ldsodefs.h > @@ -416,10 +416,12 @@ struct rtld_global > #endif > #include > > +#if !PTHREAD_IN_LIBC > /* If loading a shared object requires that we make the stack executable > when it was not, we do it by calling this function. > It returns an errno code or zero on success. */ > EXTERN int (*_dl_make_stack_executable_hook) (void **); > +#endif > > /* Prevailing state of the stack, PF_X indicating it's executable. */ > EXTERN ElfW(Word) _dl_stack_flags; 
> @@ -717,10 +719,17 @@ extern const ElfW(Phdr) *_dl_phdr; > extern size_t _dl_phnum; > #endif > > +#if PTHREAD_IN_LIBC > +/* This function changes the permissions of all stacks (not just those > + of the main stack). */ > +int _dl_make_stacks_executable (void **stack_endp) attribute_hidden; > +#else > /* This is the initial value of GL(dl_make_stack_executable_hook). > - A threads library can change it. */ > + A threads library can change it. The ld.so implementation changes > + the permissions of the main stack only. */ > extern int _dl_make_stack_executable (void **stack_endp); > rtld_hidden_proto (_dl_make_stack_executable) > +#endif > > /* Variable pointing to the end of the stack (or close to it). This value > must be constant over the runtime of the application. Some programs > diff --git a/sysdeps/unix/sysv/linux/Versions b/sysdeps/unix/sysv/linux/Versions > index c35f783e2a..220bb2dffe 100644 > --- a/sysdeps/unix/sysv/linux/Versions > +++ b/sysdeps/unix/sysv/linux/Versions > @@ -181,3 +181,9 @@ libc { > __netlink_assert_response; > } > } > + > +ld { > + GLIBC_PRIVATE { > + __nptl_change_stack_perm; > + } > +} > diff --git a/sysdeps/unix/sysv/linux/dl-execstack.c b/sysdeps/unix/sysv/linux/dl-execstack.c > index 3339138c42..e2449d1890 100644 > --- a/sysdeps/unix/sysv/linux/dl-execstack.c > +++ b/sysdeps/unix/sysv/linux/dl-execstack.c > @@ -16,20 +16,21 @@ > License along with the GNU C Library; if not, see > . */ > > -#include > -#include > #include > +#include > #include > -#include > +#include > +#include > #include > +#include > +#include > #include > - > +#include > > extern int __stack_prot attribute_relro attribute_hidden; > > - > -int > -_dl_make_stack_executable (void **stack_endp) > +static int > +make_main_stack_executable (void **stack_endp) > { > /* This gives us the highest/lowest page that needs to be changed. */ > uintptr_t page = ((uintptr_t) *stack_endp 
> @@ -56,4 +57,63 @@ _dl_make_stack_executable (void **stack_endp) > > return result; > } > -rtld_hidden_def (_dl_make_stack_executable) > + > +int > +_dl_make_stacks_executable (void **stack_endp) > +{ > + /* First the main thread's stack. */ > + int err = make_main_stack_executable (stack_endp); > + if (err != 0) > + return err; > + > + lll_lock (GL (dl_stack_cache_lock), LLL_PRIVATE); > + > + list_t *runp; > + list_for_each (runp, &GL (dl_stack_used)) > + { > + err = __nptl_change_stack_perm (list_entry (runp, struct pthread, list)); > + if (err != 0) > + break; > + } > + > + /* Also change the permission for the currently unused stacks. This > + might be wasted time but better spend it here than adding a check > + in the fast path. */ > + if (err == 0) > + list_for_each (runp, &GL (dl_stack_cache)) > + { > + err = __nptl_change_stack_perm (list_entry (runp, struct pthread, > + list)); > + if (err != 0) > + break; > + } > + > + lll_unlock (GL (dl_stack_cache_lock), LLL_PRIVATE); > + > + return err; > +} > + > +int > +__nptl_change_stack_perm (struct pthread *pd) > +{ > +#ifdef NEED_SEPARATE_REGISTER_STACK > + size_t pagemask = __getpagesize () - 1; > + void *stack = (pd->stackblock > + + (((((pd->stackblock_size - pd->guardsize) / 2) > + & pagemask) + pd->guardsize) & pagemask)); > + size_t len = pd->stackblock + pd->stackblock_size - stack; > +#elif _STACK_GROWS_DOWN > + void *stack = pd->stackblock + pd->guardsize; > + size_t len = pd->stackblock_size - pd->guardsize; > +#elif _STACK_GROWS_UP > + void *stack = pd->stackblock; > + size_t len = (uintptr_t) pd - pd->guardsize - (uintptr_t) pd->stackblock; > +#else > +# error "Define either _STACK_GROWS_DOWN or _STACK_GROWS_UP" > +#endif > + if (__mprotect (stack, len, PROT_READ | PROT_WRITE | PROT_EXEC) != 0) > + return errno; > + > + return 0; > +} > +rtld_hidden_def (__nptl_change_stack_perm) > -- Cheers, Carlos.
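
Review bot: In elf/dl-support.c (hunk at -197,6 +191,10) the definition of _dl_make_stack_executable_hook now sits under the #else of #if THREAD_GSCOPE_IN_TCB, but its declaration in sysdeps/generic/ldsodefs.h and its users in elf/dl-load.c and elf/rtld.c are guarded by PTHREAD_IN_LIBC. A configuration in which the two macros disagree would either reference a hook that has no definition in the static build or define one that has no declaration. Suggest giving the definition its own #if !PTHREAD_IN_LIBC block, and keeping a blank line between it and int _dl_thread_gscope_count;.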
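
Review bot: In nptl/pthreadP.h the new comment on __nptl_change_stack_perm names its callers but not its return value. Both callers in this patch compare the result with zero and pass it on as an error code, so the comment should say that it returns an errno code or zero on success, as the comment on _dl_make_stack_executable_hook does. The prototype is also split over two lines with int on its own line and no extern, where the neighbouring declarations in this header are single-line extern declarations.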
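
Review bot: In sysdeps/unix/sysv/linux/dl-execstack.c (hunk at -16,20 +16,21) _dl_make_stack_executable becomes the static make_main_stack_executable, yet sysdeps/generic/ldsodefs.h still declares _dl_make_stack_executable for the !PTHREAD_IN_LIBC case, and elf/dl-support.c and elf/rtld.c still take its address there. As written, this file can only link when PTHREAD_IN_LIBC is set. A #error under #if !PTHREAD_IN_LIBC near the top of the file would state that assumption instead of leaving it to a link failure.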
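
Review bot: In _dl_make_stacks_executable (sysdeps/unix/sysv/linux/dl-execstack.c, hunk at -56,4 +57,63) an error from __nptl_change_stack_perm part-way through dl_stack_used or dl_stack_cache returns with the main stack and every stack already visited left at PROT_READ | PROT_WRITE | PROT_EXEC, while the caller in elf/dl-load.c takes its error path. Since this is where the process gives up non-executable stacks, either the error path should restore the previous permissions or a comment above the definition should say that a failure does not undo the stacks already changed. The definition currently has no comment of its own; the only description is the one in ldsodefs.h.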